Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/gcKyemfo4j11Ioh2pv6h6rNqWLg.roa
File: gcKyemfo4j11Ioh2pv6h6rNqWLg.roa (raw, json)
Hash identifier: lhXU3mvkrA5bDoIOgTqT64u4btvXlz5wk2tnq8bxhj0=
Subject key identifier: 81:C2:B2:7A:67:E8:E2:3D:75:22:88:76:A6:FE:A1:EA:B3:6A:58:B8
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 01851A24757A59B348B1614476CD24FEE4B9
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/gcKyemfo4j11Ioh2pv6h6rNqWLg.roa
Signing time: Fri 16 Dec 2022 08:54:34 +0000
ROA not before: Fri 16 Dec 2022 08:54:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43260
IP address blocks: 85.133.227.0/24 maxlen: 24
85.133.228.0/24 maxlen: 24
85.133.233.0/24 maxlen: 24
85.133.234.0/24 maxlen: 24
85.133.237.0/24 maxlen: 24
85.133.238.0/24 maxlen: 24
85.133.236.0/24 maxlen: 24
85.133.241.0/24 maxlen: 24
85.133.242.0/24 maxlen: 24
85.133.250.0/24 maxlen: 24
85.133.253.0/24 maxlen: 24
85.133.174.0/24 maxlen: 24
85.133.178.0/24 maxlen: 24
85.133.179.0/24 maxlen: 24
85.133.194.0/24 maxlen: 24
85.133.199.0/24 maxlen: 24
85.133.202.0/24 maxlen: 24
85.133.205.0/24 maxlen: 24
85.133.208.0/24 maxlen: 24
85.133.216.0/24 maxlen: 24
85.133.217.0/24 maxlen: 24
85.133.215.0/24 maxlen: 24
85.133.218.0/24 maxlen: 24
85.133.219.0/24 maxlen: 24
85.133.221.0/24 maxlen: 24
85.133.222.0/24 maxlen: 24
85.133.225.0/24 maxlen: 24
85.133.132.0/24 maxlen: 24
85.133.136.0/24 maxlen: 24
85.133.137.0/24 maxlen: 24
85.133.135.0/24 maxlen: 24
85.133.143.0/24 maxlen: 24
85.133.146.0/24 maxlen: 24
85.133.151.0/24 maxlen: 24
85.133.153.0/24 maxlen: 24
85.133.156.0/24 maxlen: 24
85.133.166.0/24 maxlen: 24
85.133.160.0/24 maxlen: 24
85.133.161.0/24 maxlen: 24
85.133.164.0/24 maxlen: 24
85.133.165.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:1a:24:75:7a:59:b3:48:b1:61:44:76:cd:24:fe:e4:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Dec 16 08:54:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=81c2b27a67e8e23d75228876a6fea1eab36a58b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:0f:23:4a:31:0f:7e:b9:6e:f8:75:40:74:b8:
57:c4:3a:50:64:c6:9c:e5:b7:e2:8a:96:0b:87:16:
78:cb:5e:ea:07:25:1d:0d:da:0e:63:6f:df:a9:bc:
a6:6d:34:5f:5e:59:99:e5:a7:2a:17:31:ee:28:73:
bf:ca:68:56:36:21:e9:f8:ab:43:e6:af:f8:a3:6a:
89:b6:59:a4:bb:e2:ee:44:b0:9f:99:6f:4a:3a:31:
fb:9a:6e:7c:d0:21:58:82:0d:27:3c:3a:3a:37:52:
01:5a:d1:f1:fc:4c:fa:14:e4:40:7f:b5:59:ef:0c:
7f:31:f9:f1:8d:4c:1c:28:d4:5e:07:c2:df:18:51:
f6:2c:dd:61:84:6a:91:d9:1f:7d:d1:5c:b7:cb:f7:
6c:35:ea:05:1e:ae:a9:f0:aa:13:b1:fd:9b:9e:ac:
63:49:0f:07:f5:9a:92:94:91:50:bb:a0:a7:0f:97:
de:39:1f:d3:d0:c6:79:26:03:5d:e1:83:00:98:9c:
67:37:af:d9:1a:1d:8f:8b:c8:45:9f:ce:bb:33:13:
b2:09:4f:a8:4c:c8:6d:b3:7f:ae:c6:d7:b6:99:59:
f3:59:35:fa:bb:ef:c5:fc:9e:39:99:ec:20:0a:66:
7a:67:b6:28:9c:4c:84:eb:b3:ac:2a:17:a9:6a:e9:
fd:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:C2:B2:7A:67:E8:E2:3D:75:22:88:76:A6:FE:A1:EA:B3:6A:58:B8
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/gcKyemfo4j11Ioh2pv6h6rNqWLg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.132.0/24
85.133.135.0-85.133.137.255
85.133.143.0/24
85.133.146.0/24
85.133.151.0/24
85.133.153.0/24
85.133.156.0/24
85.133.160.0/23
85.133.164.0-85.133.166.255
85.133.174.0/24
85.133.178.0/23
85.133.194.0/24
85.133.199.0/24
85.133.202.0/24
85.133.205.0/24
85.133.208.0/24
85.133.215.0-85.133.219.255
85.133.221.0-85.133.222.255
85.133.225.0/24
85.133.227.0-85.133.228.255
85.133.233.0-85.133.234.255
85.133.236.0-85.133.238.255
85.133.241.0-85.133.242.255
85.133.250.0/24
85.133.253.0/24
Signature Algorithm: sha256WithRSAEncryption
7c:bc:2b:d3:64:8a:81:96:50:a4:78:68:af:db:8d:0b:22:43:
df:5f:b6:e6:36:4d:6d:cc:cf:9e:0a:c4:b6:db:16:4d:69:61:
65:2c:7e:b0:c6:d3:4b:d7:df:aa:1a:86:1e:ae:ec:1e:4d:3f:
b8:d0:4b:8a:bd:5d:8f:db:75:66:0b:ce:ad:72:ea:df:9e:18:
81:62:09:e3:b7:53:df:2d:be:65:c0:60:0c:a3:7b:2c:a7:9c:
1c:0a:d2:7d:3b:6a:7c:c5:60:66:df:d3:08:50:26:73:40:b1:
65:e6:ba:b8:00:df:5d:63:c2:21:a6:8d:e4:c7:82:b9:59:90:
ea:4f:9a:ac:9c:fd:86:2d:90:8e:25:00:0a:50:2f:5e:fc:ab:
9a:a2:0b:61:a0:40:dc:1e:08:48:07:61:4e:16:6f:4d:19:52:
b5:cc:fb:46:11:a8:7f:48:30:d5:fd:70:0c:a3:85:8a:ec:da:
55:28:8c:0b:08:8a:8f:20:ee:8f:b2:92:08:5b:e5:3d:da:5b:
37:2c:b5:1a:95:9f:0a:bd:f5:26:39:7b:0d:47:6d:e4:01:72:
53:c1:91:71:19:f6:60:f9:f0:06:b1:1c:50:e2:c9:c1:7e:58:
0c:99:2c:c8:a9:58:74:f5:4d:f0:ad:58:7b:86:af:42:ee:74:
29:83:46:24
-----BEGIN CERTIFICATE-----
MIIF0jCCBLqgAwIBAgISAYUaJHV6WbNIsWFEds0k/uS5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjIxMjE2MDg1NDM0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MWMyYjI3YTY3ZThlMjNkNzUyMjg4NzZhNmZlYTFlYWIzNmE1OGI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvA8jSjEPfrlu+HVAdLhXxDpQZMac
5bfiipYLhxZ4y17qByUdDdoOY2/fqbymbTRfXlmZ5acqFzHuKHO/ymhWNiHp+KtD
5q/4o2qJtlmku+LuRLCfmW9KOjH7mm580CFYgg0nPDo6N1IBWtHx/Ez6FORAf7VZ
7wx/MfnxjUwcKNReB8LfGFH2LN1hhGqR2R990Vy3y/dsNeoFHq6p8KoTsf2bnqxj
SQ8H9ZqSlJFQu6CnD5feOR/T0MZ5JgNd4YMAmJxnN6/ZGh2Pi8hFn867MxOyCU+o
TMhts3+uxte2mVnzWTX6u+/F/J45mewgCmZ6Z7YonEyE67OsKhepaun9aQIDAQAB
o4IC3jCCAtowHQYDVR0OBBYEFIHCsnpn6OI9dSKIdqb+oeqzali4MB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvZ2NLeWVtZm80ajExSW9oMnB2Nmg2ck5xV0xnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHzBggrBgEFBQcBBwEB/wSB4zCB4DCB3QQCAAEwgdYDBABV
hYQwDAMEAFWFhwMEAVWFiAMEAFWFjwMEAFWFkgMEAFWFlwMEAFWFmQMEAFWFnAME
AVWFoDAMAwQCVYWkAwQAVYWmAwQAVYWuAwQBVYWyAwQAVYXCAwQAVYXHAwQAVYXK
AwQAVYXNAwQAVYXQMAwDBABVhdcDBAJVhdgwDAMEAFWF3QMEAFWF3gMEAFWF4TAM
AwQAVYXjAwQAVYXkMAwDBABVhekDBABVheowDAMEAlWF7AMEAFWF7jAMAwQAVYXx
AwQAVYXyAwQAVYX6AwQAVYX9MA0GCSqGSIb3DQEBCwUAA4IBAQB8vCvTZIqBllCk
eGiv240LIkPfX7bmNk1tzM+eCsS22xZNaWFlLH6wxtNL19+qGoYeruweTT+40EuK
vV2P23VmC86tcurfnhiBYgnjt1PfLb5lwGAMo3ssp5wcCtJ9O2p8xWBm39MIUCZz
QLFl5rq4AN9dY8Ihpo3kx4K5WZDqT5qsnP2GLZCOJQAKUC9e/KuaogthoEDcHghI
B2FOFm9NGVK1zPtGEah/SDDV/XAMo4WK7NpVKIwLCIqPIO6PspIIW+U92ls3LLUa
lZ8KvfUmOXsNR23kAXJTwZFxGfZg+fAGsRxQ4snBflgMmSzIqVh09U3wrVh7hq9C
7nQpg0Yk
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:10:05 2023 by rpki-client on console-ams.rpki-client.org